ExpertEasy1 markMultiple Choice
AWS SAA-C03 · Question 08 · Domain 1.2: Secure Workloads
A company is hosting a web application on EC2 instances behind an Application Load Balancer (ALB). The company wants to protect the application from common web exploits like SQL injection and cross-site scripting (XSS). Which AWS service should be used?
A company is hosting a web application on EC2 instances behind an Application Load Balancer (ALB). The company wants to protect the application from common web exploits like SQL injection and cross-site scripting (XSS). Which AWS service should be used?
Answer options:
A.
AWS Shield Advanced
B.
Amazon GuardDuty
C.
AWS WAF
D.
AWS Network Firewall
How to approach this question
Identify the service that protects against Layer 7 attacks (SQLi, XSS). AWS WAF attaches to ALBs, API Gateway, and CloudFront.
Full Answer
C.AWS WAF✓ Correct
AWS WAF
AWS WAF lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers and body, or custom URIs, protecting against SQLi and XSS.
Common mistakes
Confusing WAF (Layer 7 web exploits) with Shield (DDoS protection).
Practice the full AWS SAA-C03 Practice Exam 7
65 questions · hints · full answers · grading
More questions from this exam
Q01A company has multiple AWS accounts in an AWS Organizations organization. The security team needs...MediumQ02An application runs on Amazon EC2 instances and needs to access an Amazon S3 bucket. What is the ...EasyQ03A company wants to implement federated access to the AWS Management Console for its employees usi...MediumQ04A company is building a mobile application that requires users to sign in using their social medi...EasyQ05A security team wants to enforce MFA for all IAM users before they can terminate EC2 instances. H...Medium